cvelistv5 - CVE-2016-6424

CVE-2016-6424 (GCVE-0-2016-6424)

Vulnerability from cvelistv5

Published

2016-10-06 10:00

Modified

2024-08-06 01:29

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

fkie_cve-2016-6424

Vulnerability from fkie_nvd

Published

2016-10-06 10:59

Modified

2025-04-12 10:46

Severity ?

6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/93408	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1036961	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93408	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036961	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	cisco	adaptive_security_appliance_software	8.4.7.29
	cisco	adaptive_security_appliance_software	9.1\(7\)4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F3BD921-A58A-47EB-B90D-21C3A5D02D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
              "matchCriteriaId": "07BC9E2D-0B86-4A82-8CB4-A31FFBF322CE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n de DHCP Relay en Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 y 9.1.7.4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cu\u00f1a de interfaz) a trav\u00e9s un \u00edndice de transmisi\u00f3n de paquetes DHCP manipulado, vulnerabilidad tambi\u00e9n conocida como Bug ID CSCuy66942."
    }
  ],
  "id": "CVE-2016-6424",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-06T10:59:10.163",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93408"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036961"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942. Cisco ASA Software is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuy66942. Cisco ASA Software is vulnerable. The platform provides features such as highly secure access to data and network resources

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0275",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "cisco",
        "version": "8.4.7.29"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "9.1\\(7\\)4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "cisco",
        "version": "9.1.7.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "93408"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:adaptive_security_appliance_software",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "93408"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-6424",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2016-6424",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-95244",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2016-6424",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-6424",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-6424",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201610-075",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-95244",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942. Cisco ASA Software is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuy66942. \nCisco ASA Software is vulnerable. The platform provides features such as highly secure access to data and network resources",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "BID",
        "id": "93408"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-6424",
        "trust": 2.8
      },
      {
        "db": "SECTRACK",
        "id": "1036961",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "93408",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-95244",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "db": "BID",
        "id": "93408"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "id": "VAR-201610-0275",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T23:05:34.735000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20161005-asa-dhcp",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
      },
      {
        "title": "Cisco ASA DHCP Relay Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64503"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161005-asa-dhcp"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/93408"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036961"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6424"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6424"
      },
      {
        "trust": 0.6,
        "url": "http://securitytracker.com/id/1036961"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "db": "BID",
        "id": "93408"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "db": "BID",
        "id": "93408"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "date": "2016-10-05T00:00:00",
        "db": "BID",
        "id": "93408"
      },
      {
        "date": "2016-10-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "date": "2016-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "date": "2016-10-06T10:59:10.163000",
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95244"
      },
      {
        "date": "2016-10-10T04:02:00",
        "db": "BID",
        "id": "93408"
      },
      {
        "date": "2016-10-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      },
      {
        "date": "2016-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      },
      {
        "date": "2024-11-21T02:56:06.230000",
        "db": "NVD",
        "id": "CVE-2016-6424"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliance Software  DHCP Denial of service in relay implementation  (DoS) Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005137"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-075"
      }
    ],
    "trust": 0.6
  }
}

cnvd-2016-09468

Vulnerability from cnvd

Title

Cisco Adaptive Security Appliance Software拒绝服务漏洞（CNVD-2016-09468）

Description

Cisco Adaptive Security Appliance Software是美国思科（Cisco）公司的可提供安全和VPN服务的模块化平台。 Cisco Adaptive Security Appliance Software 8.4.7.29和9.1.7.4版本存在拒绝服务漏洞，允许远程攻击者通过精心编制的DHCP数据包传输速率导致拒绝服务。

Severity

中

Patch Name

Cisco Adaptive Security Appliance Software拒绝服务漏洞（CNVD-2016-09468）的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp

Impacted products

Name
['Cisco Adaptive Security Appliance Software 8.4.7.29', 'Cisco Adaptive Security Appliance Software 9.1.7.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6424"
    }
  },
  "description": "Cisco Adaptive Security Appliance Software\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u53ef\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\u3002\r\n\r\nCisco Adaptive Security Appliance Software 8.4.7.29\u548c9.1.7.4\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u7f16\u5236\u7684DHCP\u6570\u636e\u5305\u4f20\u8f93\u901f\u7387\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09468",
  "openTime": "2016-10-19",
  "patchDescription": "Cisco Adaptive Security Appliance Software\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u53ef\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\u3002\r\n\r\nCisco Adaptive Security Appliance Software 8.4.7.29\u548c9.1.7.4\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u7f16\u5236\u7684DHCP\u6570\u636e\u5305\u4f20\u8f93\u901f\u7387\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Adaptive Security Appliance Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09468\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Adaptive Security Appliance Software 8.4.7.29",
      "Cisco Adaptive Security Appliance Software 9.1.7.4"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-13",
  "title": "Cisco Adaptive Security Appliance Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09468\uff09"
}

ghsa-mrrg-x8wc-mhcg

Vulnerability from github

Published

2022-05-14 02:03

Modified

2022-05-14 02:03

Severity ?

6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6424"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-06T10:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942.",
  "id": "GHSA-mrrg-x8wc-mhcg",
  "modified": "2022-05-14T02:03:56Z",
  "published": "2022-05-14T02:03:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6424"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93408"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036961"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2016-6424

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-6424

Aliases

CVE-2016-6424

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6424",
    "description": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942.",
    "id": "GSD-2016-6424"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6424"
      ],
      "details": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942.",
      "id": "GSD-2016-6424",
      "modified": "2023-12-13T01:21:23.338237Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-6424",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20161005 Cisco ASA Software DHCP Relay Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
          },
          {
            "name": "93408",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93408"
          },
          {
            "name": "1036961",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036961"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6424"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20161005 Cisco ASA Software DHCP Relay Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
            },
            {
              "name": "93408",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/93408"
            },
            {
              "name": "1036961",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1036961"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-08-15T15:14Z",
      "publishedDate": "2016-10-06T10:59Z"
    }
  }
}

CERTFR-2016-AVI-331

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

De multiples produits sont impactés. Se référer au bulletin de l'éditeur pour la liste exhaustive des produits.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20161005-ios-ikev du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-bgp du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-nxaaa du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis3 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-chs du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp2 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-asa-dhcp du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-catalyst du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc2 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis1 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-n9kinfo du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp1 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc1 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-otv du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-iosxr du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis2 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis1 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ios-ikev du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-chs du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp2 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ucis2 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp1 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-n9kinfo du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-catalyst du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc2 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-bgp du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-iosxr du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-otv du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ucis3 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-asa-dhcp du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc1 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-nxaaa du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc du 05 octobre 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eDe multiples produits sont impact\u00e9s. Se r\u00e9f\u00e9rer au bulletin de  l\u0027\u00e9diteur pour la liste exhaustive des produits.\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1454"
    },
    {
      "name": "CVE-2016-1455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1455"
    },
    {
      "name": "CVE-2016-6425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6425"
    },
    {
      "name": "CVE-2016-6433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6433"
    },
    {
      "name": "CVE-2016-6422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6422"
    },
    {
      "name": "CVE-2016-6434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6434"
    },
    {
      "name": "CVE-2016-6427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6427"
    },
    {
      "name": "CVE-2016-6426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6426"
    },
    {
      "name": "CVE-2016-6423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6423"
    },
    {
      "name": "CVE-2015-0721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0721"
    },
    {
      "name": "CVE-2016-6428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6428"
    },
    {
      "name": "CVE-2015-6393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6393"
    },
    {
      "name": "CVE-2016-1453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1453"
    },
    {
      "name": "CVE-2016-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6435"
    },
    {
      "name": "CVE-2016-6436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6436"
    },
    {
      "name": "CVE-2015-6392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6392"
    },
    {
      "name": "CVE-2016-6424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6424"
    }
  ],
  "initial_release_date": "2016-10-06T00:00:00",
  "last_revision_date": "2016-10-06T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis1 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ios-ikev du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-chs du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-chs"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp2 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis2 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp1 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-n9kinfo du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-catalyst du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-catalyst"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc2 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-bgp du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-iosxr du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-iosxr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-otv du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis3 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis3"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-asa-dhcp du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc1 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-nxaaa du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc"
    }
  ],
  "reference": "CERTFR-2016-AVI-331",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-10-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eCisco\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ios-ikev du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-bgp du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-nxaaa du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis3 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-chs du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp2 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-asa-dhcp du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-catalyst du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc2 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis1 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-n9kinfo du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp1 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc1 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-otv du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-iosxr du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis2 du 05 octobre 2016",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-6424 (GCVE-0-2016-6424)

Vulnerability from cvelistv5

fkie_cve-2016-6424

Vulnerability from fkie_nvd

var-201610-0275

Vulnerability from variot

cnvd-2016-09468

Vulnerability from cnvd

ghsa-mrrg-x8wc-mhcg

Vulnerability from github

gsd-2016-6424

Vulnerability from gsd

CERTFR-2016-AVI-331

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature